View Single Post
Old 25th April 2007, 19:56
ndorphine ndorphine is offline
Junior Member
Join Date: Apr 2007
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Domainkey Configuration

For the past couple of days I've been trying in vain to setup domainkey filtering with postfix. I've followed the tutorial at and have been through john longs ( example numerous times but my mails simply aren't being signed. In my postfix log I get the following

Apr 25 17:34:53 stgsrv postfix/smtpd[7392]: connect from localhost.localdomain[]
Apr 25 17:34:53 stgsrv postfix/smtpd[7389]: NOQUEUE: client=localhost.localdomain[]
Apr 25 17:34:53 stgsrv postfix/smtpd[7392]: 3843F9C451: client=localhost.localdomain[]
Apr 25 17:34:53 stgsrv[29557]: DomainKeys verification - neutral (no signature; no policy for;
The mails get sent t but without being signed.
I've followed both examples closely and read around fairly extensively, This is driving me nuts.

my looks like this
smtp      inet  n       -       n       -       -       smtpd
        -o smtpd_proxy_filter=
        -o smtpd_client_connection_count_limit=10 inet n  -       n       -        -      smtpd
    -o smtpd_authorized_xforward_hosts=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=
    -o mynetworks=
    -o receive_override_options=no_unknown_recipient_checks
pickup    fifo  n       -       n       60      1       pickup
        -o content_filter=dksign:
for inbound filter and like this
submission  inet  n     -       n       -       -       smtpd
    -o smtpd_etrn_restrictions=reject
    -o smtpd_sasl_auth_enable=yes
    -o content_filter=dksign:[]:10027
    -o receive_override_options=no_address_mappings
    -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject

# specify the location of the DomainKeys signing filter
dksign    unix  -       -       n       -       10      smtp
    -o smtp_send_xforward_command=yes
    -o smtp_discard_ehlo_keywords=8bitmime

# service for accepting messages FROM the DomainKeys signing filter
# inet  n  -      n       -       10      smtpd
    -o smtpd_use_tls=no
    -o content_filter=
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o smtpd_authorized_xforward_hosts=
For the outbound filter

All the mails are generated by a Rails app on the localhost.
Fedora Core 6
Postfix 2.4
dkfilter 0.11

If there's another surefire way to sign with domainkeys let me know
Reply With Quote
Sponsored Links